Re: Research Expectations

["Piazza, John" <jpiazza () ITS UAB EDU>]

It depends on the type of research it appears, Marty. Also , NSF,DOD, NIH,
and FDA among others are requiring security protocols more and more
frequently. I am also hearing that all are looking to create congruence with
the hipaa standard once it is finalized - soon. If you research thta you
iwll find it is the most comprehensive and scalable law ever intorduced in
healthcare, privacy, or security. It is very good stuff and a model higher
ed/educause will be well  advised to consider adopting - in short order.
John

-----Original Message-----
From: Marty Hoag [mailto:Marty.Hoag () NDSU NODAK EDU]
Sent: Wednesday, July 03, 2002 11:35 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Research Expectations


   We were recently preparing information about IT resources for our
researchers.  I was surprised that "safe computing" wasn't a
requirement of the various funding agencies.  It would seem that a
lack of knowledge about the security requirements for IT equipment
might be seen as "dangerous" just as a lack of knowledge of biohazards,
research on human subjects, or research with animals.  The last three
all have institutional review boards which help ensure proper
procedures are followed.  I'm not necessarily advocating a review
board but I think granting agencies should require attention to
IT security.  I was told that this was being discussed in one of
the NSF directorates but I don't know what has come of it.  And I
suspect universities could require security consideration as part
of their local procedures.

   Marty

**********
Participation and subscription information for this EDUCAUSE Discussion
Group discussion list can be found at
http://www.educause.edu/memdir/cg/cg.html.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/memdir/cg/cg.html.